Ken Raeburn [Mon, 2 Feb 2009 21:13:42 +0000 (21:13 +0000)]
Get rid of casts of free() argument to char*, except where it's
casting away const (so as to make this change warning-neutral), and in
unicode source (which we may want to keep in sync with another
source), and krb5_xfree macro (to be handled separately).
Ken Raeburn [Mon, 2 Feb 2009 20:37:41 +0000 (20:37 +0000)]
Revise last change to better resemble the original test, keeping the
min-lifetime test code collected together. Change policy to have a
minimum password lifetime of 10s instead of 30s, and reduce the test
delays accordingly.
Ken Raeburn [Mon, 2 Feb 2009 19:29:52 +0000 (19:29 +0000)]
speed up kpasswd tests
Reorder some tests and tune delays, so that we don't need to run for
much more than twice the min-password-life interval when testing that
functionality. (This could be made faster if we can assume that
init_db will always have been run immediately before the tests start.)
In my tests, this cuts something like 11 seconds off the run time (now
down to about 65 seconds).
Ken Raeburn [Mon, 2 Feb 2009 18:42:06 +0000 (18:42 +0000)]
address lib/kadm5 test suite slowness
In mod-principal tests for clearing the principal's policy, instead of
just testing to see if the wrong string is output and timing out
looking for it, check also for the new expected value. Cuts test
suite run time by about two minutes for each pass (client vs server).
Ken Raeburn [Sat, 31 Jan 2009 04:39:34 +0000 (04:39 +0000)]
use t_inetd with a ready message and avoid waiting a lot in non-root tests
Change t_inetd to print a ready message when it has started listening
on the indicated port number.
Look for this message in sample.exp rather than waiting an arbitrary
(and usually excessive) 2s each time for the inetd-mode tests. Use
run_once to perform the standalone-mode test only once per test suite
invocation.
Change rsh and rcp tests to start the servers via t_inetd and avoid
excessive waiting at startup.
In some of my tests, this reduces the tests/dejagnu tests from taking
over 6 minutes to taking around 2 minutes.
(This does mean the server process will no longer have started up
before we launch the client, so it may be slower to respond, but it'll
still be faster than the 2s delay we used before even trying to
connect.)
We can probably eliminate the -D option code from krshd.c now.
The tests run as root (rlogin, telnet) still need updating.
Will Fiveash [Fri, 30 Jan 2009 23:55:14 +0000 (23:55 +0000)]
Master Key Migration Project
Commit for the Master Key Migration Project.
http://k5wiki.kerberos.org/wiki/Projects/Master_Key_Migration
This commit provides the ability to add a new master key (with an
enctype differing from the current master key) to the master key
principal and stash file and then migrate the encryption of existing
principals long term keys to use the new master key. In addition
deletion of master keys is provided.
Ken Raeburn [Wed, 28 Jan 2009 00:04:15 +0000 (00:04 +0000)]
Start to phase out krb5_xfree macro, which just casts its argument to
char* and calls free.
Replace most uses, outside of the LDAP KDB plugin, which doesn't build
on my test system of the moment because of version dependencies. Add
one explicit cast to make the change warning-neutral (under gcc 4.0.1
on Mac OS X 10.5.6).
Ezra Peisach [Sun, 25 Jan 2009 16:44:02 +0000 (16:44 +0000)]
Use a struct in_addr to insure alignment of address - instead of
random alignment on the stack. Solaris 2.10 has issues if the address
is not aligned. The rest of the code in the tree uses a struct
in_addr or mallocs the address - which will be sufficiently aligned.
Ken Raeburn [Sat, 24 Jan 2009 01:27:16 +0000 (01:27 +0000)]
Change 16/32/64-bit big-/little-endian/native unaligned load/store
routines to take void pointers, so they can operate on both plain and
unsigned char buffers, or other types.
Remove some now-unneeded casts.
Ken Raeburn [Fri, 23 Jan 2009 18:04:08 +0000 (18:04 +0000)]
hash db2 code breaks if st_blksize > 64k
The hash db code assumes in places that the block size is no larger
than 64K. There's a range check in the case where you don't have a
file but provide initialization info. The btree code will cap the
block size used at 64K.
Apparently Sun's ZFS can report back a block size of 128K, causing the
db2 tests to fail.
Add such a cap to the hash db creation code.
Note that our default configuration is to use the btree code when
creating a new database, so it's unlikely that this will cause
real-world problems unless someone went out of their way to specify
use of the hash format.
Ken Raeburn [Fri, 23 Jan 2009 00:46:46 +0000 (00:46 +0000)]
Include cksumtypes.h from aead.h to get struct krb5_cksumtypes (moved
in rev 21753).
Protect cksumtypes.h from multiple inclusions.
Update dependencies.
Ken Raeburn [Thu, 15 Jan 2009 23:22:53 +0000 (23:22 +0000)]
Make enctype and checksumtype name mapping table types private to the
crypto library. Add a field for aliases to the record type so that
aliases don't have to be implemented by duplicating all the other
information.
Ken Raeburn [Thu, 15 Jan 2009 19:15:22 +0000 (19:15 +0000)]
Fix an additional multiple-write case noted by John, where sendauth
calls write_message twice in a row.
Add new function krb5int_write_messages, calls krb5_net_writev with
multiple messages (currently only two at a time). Use it from
krb5_write_message and krb5_sendauth.
Greg Hudson [Thu, 15 Jan 2009 19:11:45 +0000 (19:11 +0000)]
Rework the replay cache extensions to make the hash extension records
stand alone. Otherwise, reordering of records during an expunge could
cause the hash to be applied to the wrong record.
Also add an "expunge" option to the t_replay program, and clean up some
memory-handling inconsistencies.
Ken Raeburn [Thu, 15 Jan 2009 00:59:27 +0000 (00:59 +0000)]
Add new routine krb5int_net_writev using scatter-gather source.
Use it from krb5_net_write to ensure testing and reduce duplication.
Use it from krb5_write_message to avoid Nagle+DelayedAck problem.
Ken Raeburn [Wed, 14 Jan 2009 23:36:04 +0000 (23:36 +0000)]
If we have a local UDP socket without the PKTINFO option set, it's
bound to a local address, so use getsockname to extract the local
(destination) address.
Ken Raeburn [Wed, 14 Jan 2009 21:29:10 +0000 (21:29 +0000)]
If recv_from_to is passed a buffer for the local endpoint address,
clobber it before doing anything else, just in case we can't retrieve
the address and the caller blindly uses the buffer anyways.
Ken Raeburn [Wed, 14 Jan 2009 20:05:09 +0000 (20:05 +0000)]
Merge some very simple points of divergence in the two copies of network.c -- enum ordering, whitespace,
duplicate macro definitions, unused code, 0 vs NULL...
Russ Allbery [Wed, 14 Jan 2009 00:29:04 +0000 (00:29 +0000)]
Force tickets acquired by the kadm5 client library via password
authentication to be non-forwardable and non-proxiable, overridding
any [libdefaults] configuration. This may be necessary at sites that
set forwardable to true by default in their krb5.conf files but
disable forwardable tickets for privileged principals. Since the
ticket cache acquired by the kadm5 client library is used only for
kadmin operations, where forwardable is not useful or necessary, there
is no reason to ever attempt to obtain forwardable or proxiable tickets
here.
Sam Hartman [Tue, 13 Jan 2009 22:57:42 +0000 (22:57 +0000)]
Patch from Luke Howard to:
* Accept both CFX and non-CFX tokens all the time on acceptor
* Only produce an acceptor subkey if you are using cfx or dce or negotiating up to cfx
Additional changes from Sam Hartman:
* do not assume that the ticket key type (server key) is a valid target for negotiation: the client may not support it.
Ezra Peisach [Tue, 13 Jan 2009 19:43:18 +0000 (19:43 +0000)]
FreeBSD compiler errors out on an error "zero or negative size array"
after setting up an array with no elements.
ifdef out array declarations and code that uses it until there are entries.
Affects: krb5_gss_inquire_cred_by_oid_ops and
krb5_gss_set_sec_context_option_ops which would return an error in any
case as here are no entries in the arrays.
Sam Hartman [Mon, 12 Jan 2009 21:03:02 +0000 (21:03 +0000)]
Remove gss_export_name_object and gss_import_name_object.
These are not standard interfaces, are not used by our tree
and were added because they might be useful but ended up not being used.
The stubs in gssapi.hin remain as they were shipped with previous releases.
Sam Hartman [Mon, 12 Jan 2009 19:59:16 +0000 (19:59 +0000)]
Patch from Luke Howard:
Previously when using the kdb keytab, there was a check to confirm that the server
was supported as a server and that attackers
could not force an enctype downgrade.
Add these to kdc_get_server_key
projects / thirdparty / krb5.git / log
